Version 3

    Security Audit Service

     

    Author: Anil Saldhana


    Latest Article: http://server.dzone.com/articles/security-auditing-jboss

    Objective

    A user wants an audit trail of all authentication and authorization attempts. This may be required by government or corporate regulations, among other reasons.

     

    JIRA Issue

    http://jira.jboss.com/jira/browse/JBAS-2738

     

    Availability

    JBoss 5.0.0.Beta onwards

     

    Information for Integrators

     

    Auditing is performed at the security domain level, so that different audit providers can be used. The default audit provider is a LogAuditProvider, which just logs the audit events.

     

    String securityDomain = "jmx-console";
    AuditContext ac = AuditManager.getAuditContext(securityDomain);

    // Create an audit event; the level is one of the AuditLevel interface constants (ERROR, FAILURE, SUCCESS, INFO)
    AuditEvent ae = new AuditEvent(auditLevel);
    ae.setContextMap(cmap);          // Map of key/value pairs describing the event
    ae.setUnderlyingException(ex);   // Optional: attach an exception to be logged along with the event

    // Audit the event
    ac.audit(ae);
    

     

    Configuration

     

    TODO: Configuration of providers at the security domain level

     

     

    The default configuration of the logging provider is done through the log4j.xml file that drives JBoss logging (located at conf/log4j.xml).

     

       <!-- Security AUDIT Appender -->
       <appender name="AUDIT" class="org.jboss.logging.appender.DailyRollingFileAppender">
          <errorHandler class="org.jboss.logging.util.OnlyOnceErrorHandler"></errorHandler>
          <param name="File" value="${jboss.server.log.dir}/security/audit.log"/>
          <param name="Append" value="true"/>
          <param name="DatePattern" value="'.'yyyy-MM-dd"/>
          <layout class="org.apache.log4j.PatternLayout">
             <param name="ConversionPattern" value="%d %-5p [%c] (%t:%x) %m%n"/>
          </layout>
       </appender>
    
    
       <!-- Category specifically for Security Audit Provider -->
       <category name="org.jboss.security.audit.providers.LogAuditProvider">
         <priority value="TRACE" class="org.jboss.logging.XLevel"></priority>
         <appender-ref ref="AUDIT"></appender-ref>
       </category>
    

     

    The audit log can be found in log/security/audit.log of your JBoss server configuration (e.g. default).
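
    Added example (not part of the original page or of JBoss): a Python parser for audit.log lines as laid out by the ConversionPattern above. It counts failed attempts per principal and keeps stack-trace continuation lines with the event they belong to. The message layout "[Level]key=value;" and the sample lines are assumptions constructed for illustration; the page does not specify what LogAuditProvider writes as %m.

```python
import re
from collections import Counter

# Prefix produced by the page's ConversionPattern: %d %-5p [%c] (%t:%x) %m%n
PREFIX = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2},\d{3}) (?P<prio>\S+)\s+"
    r"\[(?P<category>[^\]]+)\] \((?P<thread>.*?):(?P<ndc>[^)]*)\) (?P<msg>.*)$"
)
# ASSUMPTION: the message looks like "[Level]key=value;key=value;" (not stated on the page).
MESSAGE = re.compile(r"^\[(?P<level>\w+)\](?P<body>.*)$")
AUDIT_CATEGORY = "org.jboss.security.audit.providers.LogAuditProvider"

# Constructed sample input; principals, threads and class names are made up.
SAMPLE = """\
2008-05-12 10:15:32,101 TRACE [org.jboss.security.audit.providers.LogAuditProvider] (http-127.0.0.1-8080-1:) [Failure]principal=alice;Source=constructed.Example;
2008-05-12 10:15:33,250 TRACE [org.jboss.security.audit.providers.LogAuditProvider] (http-127.0.0.1-8080-2:) [Success]principal=bob;Source=constructed.Example;
2008-05-12 10:15:34,007 TRACE [org.jboss.security.audit.providers.LogAuditProvider] (http-127.0.0.1-8080-1:) [Failure]principal=alice;Source=constructed.Example;
javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required
\tat constructed.Example.login(Example.java:1)
2008-05-12 10:15:35,000 INFO  [some.other.Category] (main:) unrelated line
  continuation of unrelated line
"""

def parse_audit_log(text):
    """Return one dict per audit event; stack-trace lines attach to the event they follow."""
    events, current = [], None
    for line in text.splitlines():
        m = PREFIX.match(line)
        if m is None:
            # Continuation line (e.g. a logged exception): keep it only if it follows an audit event.
            if current is not None and line.strip():
                current["trace"].append(line.strip())
            continue
        current = None  # a new record starts, so earlier continuation context ends
        msg = MESSAGE.match(m.group("msg"))
        if m.group("category") != AUDIT_CATEGORY or msg is None:
            continue
        fields = dict(p.split("=", 1) for p in msg.group("body").split(";") if "=" in p)
        current = {"ts": m.group("ts"), "thread": m.group("thread"),
                   "level": msg.group("level").upper(), "fields": fields, "trace": []}
        events.append(current)
    return events

def failed_attempts(events):
    """Count FAILURE-level events per principal."""
    return Counter(e["fields"].get("principal", "<unknown>")
                   for e in events if e["level"] == "FAILURE")
```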